Towards Secure and Dependaple Storage Services in Cloud Computing

Towards Secure and Dependable Storage Services in
Cloud Computing
ABSTRACT
In this paper we explore a technique to secure and dependable storage service.
Generally Cloud storage enables users to remotely store their data and enjoy the ondemand high quality cloud applications without the burden of local hardware and
software management. Though the benefits are clear, such a service is also relinquishing
usersphysical possession of their outsourced data, which inevitably poses new security
risks towards the correctness of the data in cloud. In order to address this new problem
and further achieve a secure and dependable cloud storage service, we propose in this
paper a flexible distributed storage integrity auditing mechanism, utilizing the
homomorphic token and distributed erasure-coded data. The proposed design allows
users to audit the cloud storage with very lightweight communication and computation
cost. The auditing result not only ensures strong cloud storage correctness guarantee,
but also simultaneously achieves fast data error localization, i.e., the identification of
misbehaving server.
TABLE OF CONTENTS
CHAPTER NO.
TITLE
PAGE
ABSTRACT
NO.
i
LIST OF FIGURES
LIST OF SYMBOLS
LIST OF ABBREVIATIONS
vii
LIST OF TABLES
xi
xii
1.
CHAPTER 1 : INTRODUCTION
1
2
3
GENERAL
OBJECTIVE
EXISTING SYSTEM
1.3.1EXISTINGSYSTEMDISADVANTAGES
1.3.2 LITERATURE SURVEY
1.4 PROPOSED SYSTEM
2.
1.4.1 PROPOSED SYSTEM ADVANTAGES

CHAPTER 2 :PROJECT DESCRIPTION
2.1 GENERAL
2.2 PROBLEM DEFINATION
2.3 METHODOLOGIES
2.3.1 MODULES NAME
2.3.2 MODULES EXPLANATION
2.3.3 MODULE DIAGRAM
2.3.4GIVEN INPUT AND EXPECTED
OUTPUT2.4 TECHNIQUE OR ALGORITHM
3.
CHAPTER 3 : REQUIREMENTS
3.1 GENERAL
3.2 HARDWARE REQUIREMENTS
3.3 SOFTWARE REQUIREMENTS
3.4 FUNCTIONAL SPECIFICATION
3.5 NON-FUNCTIONAL SPECIFICATION
4.
CHAPTER 4 : SYSTEM DESIGN

4.1 GENERAL
4.1.1 ACTIVITY DIAGRAM
4.1.2 USE CASE DIAGRAM
4.1.3 DATA FLOW DIAGRAM
4.1.4SEQUENCE DIAGRAM
4.1.5COLLABORATION DIAGRAM
4.1.6CLASS DIAGRAM
4.1.7 SYSTEM ARCHITECTURE
4.1.8 OBJECT DIAGRAM
4.1.9 STATE DIAGRAM
4.1.10 COMPONENT DIAGRAM
4.1.11 E-R DIAGRAM
5.
4.2 DATABASE DESIGN

CHAPTER 5 :SOFTWARE SPECIFICATION
5.1 GENERAL
FRONT END
5.2 FEATURES OF JAVA
5.2.1 THE JAVA FRAMEWORK
5.2.2 OBJECTIVE OF JAVA
5.2.3 COMPONETS OF JAVA FRMEWORK
5.3
FEATURES
LANGUAGE
OF
THE
COMMON
RUNTIME
5.4 J2EE
5.4.1 EVALUTION OF J2EE
5.4.2 THE J2EE DATA ARCHITECTURE
5.5.3 COMPONENT CLASSES THAT MAKE
UP
DATA PROVIDERS
CHAPTER 6 : IMPLEMENTATION
6.
6.1 GENERAL
6.2 IMPLEMENTATION
6.3 DATA BASE TABLE STRUCTURE
7.
CHAPTER 7 : SNAPSHOTS
7.1 GENERAL
8.
7.2 VARIOUS SNAPSHOTS

CHAPTER 8 : SOFTWARE TESTING
8.1 GENERAL
8.2 DEVELOPING METHODOLOGIES
9.
8.3 TYPES OF TESTING

CHAPTER 9 :
APPLICATIONS
AND
ENHANCEMENT
9.1 GENERAL
9.2 APPLICATIONS
10
9.3 FUTURE ENHANCEMENTS

CHAPTER 10 :
10.1CONCLUSION
10.2 REFERENCES
FUTURE
LIST OF FIGURES
FIGURE NO
2.3.2
NAME OF THE FIGURE

Module Diagram
4.2
Activity Diagram
4.3
Use case Diagram
4.4
Data flow diagram
4.5
Sequence diagram
4.6
Collaboration diagram
4.7
Class diagram
4.8
4.9
4.10
4.11
Architecture Diagram
Object Diagram
State Diagram
Component Diagram
PAGE NO.
LIST OF SYSMBOLS
NOTATION
S.NO NAME
NOTATION
DESCRIPTION
Class Name
1.
Class
+ public
-private
# protected
Class A
2.
-attribute
-attribute
Represents
+operation
+operation
+operation
entities
NAMEClass B
Association
collection of similar
grouped
together.
Associations
represents
Class A
Class B
static
relationships between
classes.
Roles
represents the way the

two classes see each
other.
3.
Actor
It aggregates several
classes into a single
classes.
Aggregati
5.
on
Interaction
Class A
Class A
the
between
system
and
external environment
Class B
Class B
5.
Relation
uses
(uses)
Used for additional

Represents
process
Component
6.
Relation
physical modules
communication.
which
is
a
Extends relationship
collection
of
is used when one use
components.
case is similar to
extends
(extends)
another use case but

does a bit more.
7.
Communicatio
Communication
between various use

cases.
8.
State
9.
Initial State
State
State of the processs.
Initial state of the

object
10.
Final state
F inal state of the
object
11.
Control flow
Represents
various
control flow between

the states.
Usescase
Represents
15.
Node
physical
modules which are a

collection
of
components.
A
16.
circle in DFD
Data
represents a state or
Process/Stat
process
been triggered due to
which
has
some event or acion.
17.
External
Represents
entity
entities
external
such
as
keyboard,sensors,etc.
18.
Transition
Represents
communication
occurs
that
between
processes.
19.
Object
Represents
Lifeline
vertical
that
the
dimensions
the
object
communications.
20.
Message
Message
Represents
the
message exchanged.
LIST OF ABBREVATION
S.NO
1.
2.
ABBREVATION
EXPANSION
CSP
cloud service providers
CS
Cloud Server
3.
TPA
Third Party Auditor
4.
LAN
Local Area Network
5.
ISP
Internet Service Provider
CHAPTER 1
INTRODUCTION
1.1.
GENERAL
SEVERAL trends are opening up the era of Cloud Computing, which is an Internetbased development and use of computer technology. The ever cheaper and more
powerful processors, t ogether with the software as a service computing architecture,
are transforming data centers into pools of computing service on a huge scale. The
increasing network bandwidth and reliable yet flexible network connections make it
even possible that users can now subscribe high quality services from data and software
that reside solely on remote data centers. Moving data into the cloud offers great
convenience to users since they dont have to care about the complexities of direct
hardware management. The pioneer of Cloud Computing vendors, Amazon Simple
Storage Service ( and Amazon Elastic Compute Cloud are both well known examples.
While these internet-based online services do provide huge amounts of storage space
and customizable computing resources, this computing platform shift, however, is
eliminating the responsibility of local machines for data maintenance at the same time.
1.2. OBJECTIVE
In this paper, we provide the solution of data security in cloud data storage, which is
essentially a distributed storage system. To achieve the assurances of cloud data
integrity and availability and enforce the quality of dependable cloud storage service for
users, we propose an effective and flexible distributed scheme with explicit dynamic
data support, including block update, delete, and append.
1.3 Existing SYSTEM

Cloud computing System relinquishing users physical possession of their
outsourced data, which inevitably poses new security risks towards the correctness of
the data in cloud. In existing system privacy data will be stolen by network. This cause
the identification of misbehaving server.
1.3.1 LITERATURE SURVEY

1.3.1.1
Author:
Title:
Dynamic Provable Data Possession

C. Chris Erway Alptekin Kupc u Charalampos
Papamanthou Roberto Tamassia
As storage-outsourcing services and resource-sharing networks have become

popular, the problem of efciently proving the integrity of data stored at trusted
servers has received increased attention. In the provable data possession (PDP)
model, the client preprocesses the data and then sends it to an entrusted server for
storage, while keeping a small amount of meta-data. The client later asks the server
to prove that the stored data has not been tampered with or deleted (without
downloading the actual data). However, the original PDP scheme applies only to
static les. We present a
enitional framework and efcient constructions for
dynamic provable data possession (DPDP), which extends the PDP model to support
provable updates to stored data. We use a new version of authenticated dictionaries
based on rank information. The price of dynamic updates is a performance change
from (or O(n log n)), for a le consisting of n blocks, while aintaining the same
(or better, respectively) probability of misbehavior detection. Our experiments show
that this slowdown is very low in practice .We also show how to apply our DPDP
scheme to outsourced le systems and version control systems .
Drawback:
In cloud storage systems, the server that stores the clients data is not necessarily
trusted. Therefore, users would like to check if their data has been tampered with or
deleted. However, outsourcing the storage of very large files (or whole file systems)
to remote servers presents an additional constraint: the client should not download
all stored data in order to validate it since this may be prohibitive in terms of
bandwidth and time.
1.3.1.2
Title: HAIL: A High-Availability and Integrity Layer for Cloud
Author:
Storage
Kevin D. Bowers
Description:
We introduce HAIL (High-Availability and Integrity Layer), a distributed
cryptographic system that allows a set of servers to prove to a client that a stored le
is intact and retrievable. HAIL strengthens, formally unies, and streamlines distinct
approaches from the cryptographic and distributed-systems communities. Proofs in
HAIL are efciently computable by servers and highly compact typically tens or
hundreds of bytes, irrespective of le size. HAIL cryptographically veries and
reactively reallocates le shares. It is robust against an active, mobile adversary, i.e.,
one that may progressively corrupt the full set of servers. We propose a strong,
formal adversarial model for HAIL, and rigorous analysis and parameter choices.
We show how HAIL improves on the security and efciency of existing tools, like
Proofs of Retrievability (PORs) deployed on individual servers. We also report on a
prototype implementation.
Drawback:
As a standalone tool for testing file retrievability against a single server, though, a
POR is of limited value. Detecting that a file is corrupted is not helpful if the file is
irretrievable and thus the client has no recourse.
1.3.1.3Title :
Incremental Cryptography: The Case of Hashing and Signing
We initiate the investigation of a new kind of eciency for cryptographic

transformations.The idea is that having once applied the transformation to some
documentM, the time to update the result upon modication of M should be
proportional" to the \amount of modification"done to M. Thereby one obtains much
faster cryptographic primitives for environments where closely related documents are
undergoing the same cryptographic transformations. We provide some basic denitions
enabling treatment of the new notion. We then exemplify our approach by suggesting
incremental schemes for hashing and signing which are ecient according to our new
measure.
Draw back:
Here more complex update operations on messages such as insertion (of a new block
into the message) or deletion (of an existing block) are complex.
1.3.1.4Title:
A Practical Byzantine Fault Tolerance and Proactive Recovery
Author:
M. Castro and B. Liskov
Description:
Our growing reliance on online services accessible on the Internet demands
highly available systems that provide correct service without interruptions. Software
bugs, operator mistakes, and
malicious attacks are a major cause of service
interruptions and they can cause arbitrary behavior, that is, Byzantine faults. This article
describes a new replication algorithm, BFT, that can be used to build highly available
systems that tolerate Byzantine faults. BFT can be used in practice to implement real
services: it performs well, it is safe in asynchronous environments such as the Internet,
it incorporates mechanisms to defend against Byzantine-faulty clients, and it recovers
replicas proactively. The recovery mechanism allows the algorithm to tolerate any
number of faults over the lifetime of the system provided fewer than 1=3 of the replicas
become faulty within a small window of vulnerability. BFT has been implemented as a
generic program library with a simple interface. We used the library to implement the
first Byzantine-fault-tolerant NFS file system, BFS. The BFT library and BFS perform
well because the library incorporates several important optimizations, the most
important of which is the use of symmetric cryptography to authenticate messages. The
performance results show that BFS performs 2% faster to 24% slower than production
implementations of the NFS protocol that are not replicated. This supports our claim
that the BFT library can be used to build practical systems that tolerate Byzantine faults.
Drawback:
It does not address the problem of fault-tolerant privacy: a faulty replica may leak
information to an attacker. It is not yet practical to offer fault tolerant privacy in the
general case because service operations may perform
arbitrary computations.
1.3.1.5 Title:
Privacy-preserving public auditing for storage security in

cloud computing
Author:
C. Wang, Q. Wang, K. Ren, and W. Lou
Description
Cloud Computing is the long dreamed vision of computing as a utility, where users can
remotely store their data into the cloud so as to enjoy the on-demand high quality
applications and services from a shared pool of configurable computing resources. By
data outsourcing, users can be relieved from the burden of local data storage and
maintenance. However, the fact that users no longer have physical possession of the
possibly large size of outsourced data makes the data integrity protection in Cloud
Computing a very challenging and potentially formidable task, especially for users with
constrained computing resources and capabilities. Thus, enabling public auditability for
cloud data storage security is of critical importance so that users can resort to an
external audit party to check the integrity of outsourced data when needed. To securely
introduce an effective third party auditor (TPA), the following two fundamental
requirements have to be met: TPA should be able to efficiently audit the cloud data
storage without demanding the local copy of data, and introduce no additional on-line
burden to the cloud user; 2) The third party auditing process should bring in no new
vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine
the public key based homomorphic authenticator with random masking to achieve the
privacy-preserving public cloud data auditing system, which meets all above
requirements. To support efficient handling of multiple auditing tasks, we further
explore the technique of bilinear aggregate signature to extend our main result into a
multi-user setting, where TPA can perform multiple auditing tasks simultaneously.
Extensive security and performance analysis shows the proposed schemes are provably
secure and highly efficient.
Drawback:
Too many volunteers help to verify a CSP's storage remotely, bringing in too
much unnecessary burden on the CSP and possibly resulting in Denail of Service attack
to the CSP; _ In contrast to the above case, many volunteers give up in verifications,
wishfully thinking that someone else will do the verifications; _ The distribution of
verifications time is uneven, too many verifications for some periods and too few
verifications for other periods; _ Even worse, a dishonest CSP may create a lot of Sybil
identities, who are announcing that they are volunteered to check the cloud storage
periodically.
1.3.1.6Title:
Scalable and Efcient Provable Data Possession
Author:
Giuseppe Ateniese 1 , Roberto Di Pietro 2 , Luigi V. Mancini 3 ,

and Gene Tsudik
Year :
2008
Storage outsourcing is a rising trend which prompts a number of interesting security

issues, many of which have been extensively investigated in the past. However,
Provable Data Possession (PDP) is a topic that has only recently appeared in the
research literature. The main issue is how to frequently, efciently and securely verify
that a storage server is faithfully storing its clients (potentially very large) outsourced
data. The storage server is assumed to be untrusted in terms of both security and
reliability. (In other words, it might maliciously or accidentally erase hosted data; it
might also relegate it to slow or off-line storage.) The problem is exacerbated by the
client being a small computing device with limited resources. Prior work has addressed
this problem using either public key cryptography or requiring the client to outsource its
data in encrypted form. In this paper, we construct a highly efcient and provably
secure PDP technique based entirely on symmetric key cryptography, while not
requiring any bulk encryption. Also, in contrast with its predecessors, our PDP
technique allows outsourcing of dynamic data, i.e, it efciently supports operations,
such as block modication, deletion and append.
Drawback:
One potentially glaring drawback of our scheme is the prefixed (at setup time)
number of verifications. Furthermore, the number of tokens is independent from the
number of data blocks. Thus, whenever outsourced data is extremely large, extra
storage required by our approach is negligible.
1.3.1.7.Title : Privacy-Preserving Audit and Extraction of Digital Contents

Author :
Mehul A. Shah Ram Swaminathan Mary Baker
Year :
2008
A growing number of online services, such as Google, Yahoo!, and Amazon,

are starting to charge users for their storage. Customers often use these services to
store valuable data such as email, family photos and videos, and disk backups.
Today, a customer must entirely trust such external services to maintain the integrity
of hosted data and return it intact. Unfortunately, no service is infallible. To make
storage services accountable for data loss, we present protocols that allow a
thirdparty auditor to periodically verify the data stored by a service and assist in
returning the data intact to the customer. Most importantly, our protocols are
privacy-preserving, in that they never reveal the data contents to the auditor. Our
solution removes the burden of verication from the customer, alleviates both the
customers and storage services fear of data leakage, and provides a method for
independent arbitration of data retention contracts.Auditing to Keep Online Storage
Services Honest Mehul A. Shah, Mary Baker, Jeffrey C. Mogul, Ram Swaminathan
A growing number of online service providers offer to store customers' photos,
email, le system backups, and other digital assets. Currently, customers cannot
make informed decisions about the risk of losing data stored with any particular
service provider, reducing their incentive to rely on these services. We argue that
thirdparty auditing is important in creating an online serviceoriented economy,
because it allows customers to evaluate risks, and it increases the efciency of
insurancebased risk mitigation. We describe approaches and system hooks that
support both internal and external auditing of online storage services, describe
motivations for service providers and auditors to adopt these approaches, and list
challenges that need to be resolved for such auditing to become a reality.
Drawback:
Here it never reveal the secret key to the auditor.so user cannot able to get the Token.
The service provider, whose goal is to make a profit and maintain a reputation, has an
incentive to hide data loss.
1.3.1.8 Title:
Store, Forget, and Check: Using Algebraic Signatures to Check

Remotely Administered Storage
Author:
Thomas Schwarz, S.J.Ethan L. Miller
Year :
2006
The emerging use of the Internet for remote storage and backup has led to the problem
of verifying that storage sites in a distributed system indeed store the data; this must
often be done in the absence of knowledge of what the data should be. We use m/n
erasure-correcting coding to safeguard the stored data and use algebraic signatures
hash functions with algebraic propertiesfor verification. Our scheme primarily
utilizes one such algebraic property: taking a signature of parity gives the same result as
taking the parity of the signatures. To make our scheme collusionresistant, we blind data
and parity by XORing them with, a pseudo-random stream. Our scheme has three
advantages over existing techniques. First, it uses only small messages for verification,
an attractive property in a P2P setting where the storing peers often only have a small
upstream pipe. Second, it allows verification of challenges across random data without
the need for the challenger to compare against the original data. Third, it is highly
resistant to coordinated attempts to undetectably modify data. These signature
techniques are very fast, running at tens to hundreds of megabytes per second. Because
of these properties, the use of algebraic signatures will permit the construction of large-
scale distributed storage systems in which large amounts of storage can be verified with
minimal network bandwidth.
Drawback:
Systems like these face a number of challenges such as data privacy, protection of
the data against alteration, data loss due to node unavailability and the free rider
problem.
1.3.1.9 Title:
A Cooperative Internet Backup Scheme
Author:
Andrew Birrell Mike Burrows Michael Isard
Year :
2003
We present a novel peer-to-peer backup technique that allows computers

connected to the Internet to back up their data cooperatively: Each computer has a set of
partner computers, which collectively hold its backup data. In return, it holds a part of
each partners backup data. By adding redundancy and distributing the backup data
across many partners, a highly-reliable backup can be obtained in spite of the low
reliability of the average Internet machine. Because our scheme requires cooperation, it
is potentially vulnerable to several novel attacks involving free riding (e.g., holding a
partners data is costly, which tempts cheating) or disruption. We defend against these
attacks using a number of new methods, including the use of periodic random
challenges to ensure partners continue to hold data and the use of disk-space wasting to
make cheating unprotable. Results from an initial prototype show that our technique is
feasible and very inexpensive: it appears to be one to two orders of magnitude cheaper
than existing Internet backup services.
Drawback:
The main drawback of these techniques is the inconvenience for system owners
of managing the media and transferring it off-site, especially for small installations and
PC owners.
1.3.1.10 Title:
Author:
Auditing to Keep Online Storage Services Honest

Mehul A. Shah, Mary Baker, Jeffrey C. Mogul, Ram
Swaminathan
Year :
2010
A growing number of online service providers offer to store customers' photos,

email, _le system backups, and other digital assets. Currently, customers cannot make
informed decisions about the risk of losing data stored with any particular service
provider, reducing their incentive to rely on these services. We argue that thirdparty
auditing is important in creating an online serviceoriented economy, because it allows
customers to evaluate risks, and it increases the efficiency of insurancebased risk
mitigation. We describe approaches and system hooks that support both internal and
external auditing of online storage services, describe motivations for service providers
and auditors to adopt these approaches, and list challenges that need to be resolved for
such auditing to become a reality.
Drawback:
Auditing of online storage is not feasible . First, customers are not yet
sophisticated enough to demand risk assessment. Second, online storages do not yet
provide support for third party audits.
1.4 PROPOSED SYSTEM

In proposed system an effective and flexible distributed scheme with explicit
dynamic data support, including block update, delete, and append. By utilizing the
homomorphic token with distributed verification of erasure-coded data, our scheme
achieves the integration of storage correctness insurance and data error localization, i.e.,
whenever data corruption has been detected during the storage correctness verification
across the distributed servers.
ADAVANTAGES IN PROPOSED SYSTEM
Security enhanced in cloud data storage
Identification of the misbehaving server(s).
This scheme is highly efficient and resilient to Byzantine failure, malicious data
modification attack
CHAPTER 2
2.1 GENERAL
To ensure the security and dependability for cloud data storage under the
aforementioned adversary model, we aim to design efficient mechanisms for dynamic
data verification and operation and achieve the following goals: (1) Storage correctness:
to ensure users that their data are indeed stored appropriately and kept intact all the
time in the cloud. (2) Fast localization of data error: to effectively locate the
malfunctioning server when data corruption has been detected. (3) Dynamic data
support: to maintain the same level of storage correctness assurance even if users
modify, delete or append their data files in the cloud. (4) Dependability: to enhance data
availability against Byzantine failures, malicious data modification and server colluding
attacks, i.e. minimizing the effect brought by data errors or server failures. (5)
Lightweight: to enable users to perform storage correctness checks with minimum
overhead.
2.2PROBLEM DEFINITION
Therefore, although outsourcing data into the cloud is economically attractive for the
cost and complexity of long-term large-scale data storage, its lacking of offering strong
assurance of data integrity and availability may impede its wide adoption by both
enterprise and individual cloud users. In order to achieve the assurances of cloud data
integrity and availability and enforce the quality of cloud storage service, efficient
methods that enable on-demand data correctness verification on behalf of cloud users
have to be designed. However, the fact that users no longer have physical possession of
data in the cloud prohibits the direct adoption of traditional cryptographic primitives for
the purpose of data integrity protection. Hence, the verification of cloud storage
correctness must be conducted without explicit knowledge of the whole data files .
Meanwhile, cloud storage is not just a third party data warehouse.
2.3 METHODOLOGIES
Methodologies is the process of analyzing the principles or procedure of a Secure and
Dependable Storage Services in Cloud Computing.
User Interface
Third party auditing

Identification of server
Flexible distributed storage service
Dynamic data manipulation
User Interface Design

The User Interface design is done in this module. We use the Swing package
available in Java to design the User Interface. Swing is a widget toolkit for Java.
It is part of Sun Microsystems' Java Foundation Classes (JFC) an API for
roviding a graphical user interface (GUI) for Java programs.Here we are
developing webapplication. Front is developed in jsp and servlet. Back end will
be a Sql server 2005. User Interface diagram would user can communicate to the
web application.
User can delegate the data auditing tasks to an optional trusted TPA of their
respective choices. The storage verification task can be successfully delegated to
third party auditing in a privacy-preserving
manner. After login to the cloud service provider user can approach the Third
party auditing . Third party auditing will be provide unique token to the each user
.After getting the token , User should be provide proper token. Token should be
validated each time in Third party cloud.
Identification of server
In order to achieve assurance of data storage correctness and data error
localization simultaneously, our scheme entirely relies on the pre-computed
verification tokens. Stored data may stored in some entrusted server .so we cloud
service provider should concentrate on this issues. So cloud service provider must
provide security for our data. In order to overcome this problem CSP must
encrypt user data.
Flexible distributed storage service

we propose in this paper flexible distributed storage integrity auditing
mechanism, utilizing the homomorphic token and distributed erasure-coded data.
This is used to data availability.After successful token validation by TPA next
corresponding page will be displayed. In that user can upload the data.Data or file
will be stored in corresponding cloud server. This is because data which is stored
by user may stored in different storage space which is present in cloud server.
Dynamic data manipulation

In this module we are are implementing Dynamic data Manipulation like
block append, Insertion, deletion. This is employed to data updating. While
storing the data in cloud server there is a chance to store data in some other
misbehaving server. The updated data will stored in corresponding server.
Because user data may scattered in different storage server. So we have to
analysis where our data stored . After analysis this process data will downloaded
successfully.
1.3.1 MODULE DIAGRAM:

Module diagram:
Flexible distributed storage service:
Login
Browse
Store
Identification of server:
User
Identification of
server
Access data
Token Generation
User
Third
auditing
Cloud
party
Dynamic data manipulation:
User
Third
auditing
Cloud server
Dynamic data
manipulation
party
2.4 CONCLUTION
The deployment of Cloud Computing is powered by data centers running in a
simultaneous, cooperated and distributed manner . It is more advantages for
individual users to store their data redundantly across multiple physical servers so as to
reduce the data integrity and availability threats. Thus, distributed protocols
for storage correctness assurance will be of most importance in achieving robust and
secure cloud storage systems.
CHAPTER 3
REQUIREMENTS ENGINEERING
3.1 GENERAL
In this paper, we propose an effective and flexible distributed storage verification
scheme with explicit dynamic data support to ensure the correctness and
availability of users data in the cloud. We rely on erasure correcting code in the
file distribution preparation to provide redundancies and guarantee the data
dependability against Byzantine servers , where a storage server may fail in
arbitrary ways. This construction drastically reduces the communication and
storage overhead as compared to the traditional replication-based file distribution
techniques.
3.2 HARDWARE REQUIREMENTS

The hardware requirements may serve as the basis for a
contract for the
implementation of the system and should therefore be a complete and consistent

specification of the whole system. They are used by software engineers as the starting
point for the system design. It shouls what the system do and not how it should be
implemented.
PROCESSOR
PENTIUM IV 2.6 GHz,Intel Core 2 Duo.
RAM
512 MB DD RAM
MONITOR
15 COLOR
HARD DISK
40 GB
CDDRIVE
LG 52X
KEYBOARD
STANDARD 102 KEYS
MOUSE
3 BUTTONS
1.3SOFTWARE REQUIREMENTS
The software requirements document is the specification of the system. It should
include both a definition and a specification of requirements. It is a set of what the
system should do rather than how it should do it. The software requirements provide a
basis for creating the software requirements specification. It is useful in estimating
cost, planning team activities, performing tasks and tracking the teams and tracking the
teams progress throughout the development activity.
FRONT END
Jsp servlet
BACK END
SQL SERVER
3.3 FUNCTIONAL REQUIREMENTS

A functional requirement defines a function of a software-system or its
component. A function is described as a set of inputs, the behavior, and outputs. The
proposed system is achieved by suppression-based and generalization-based kanonymous and confidential databases.The protocols rely on well-known cryptographic
assumptions, and we provide theoretical analyses to proof their soundness
andexperimental results to illustrate their efficiency.
3.4 NON-FUNCTIONAL REQUIREMENTS
3.5.1 EFFICIENCY
Storage correctness: to ensure users that their data are indeed stored appropriately
and kept intact all the time in the cloud.
Fast localization of data error: to effectively locate the malfunctioning server
when data corruption has been detected
3.5.2 RELIABILITY
Dynamic data support: to maintain the same level of storage correctness
assurance even if users modify, delete or append their data files in the cloud.
Dependability: To enhance data availability against Byzantine failures,
malicious data modification and server colluding attacks, i.e. minimizing the effect
brought by data errors or server failures.
CHAPTER 4
DESIGN ENGINEERING
4.1 GENERAL
Design Engineering deals with the various UML [Unified Modeling language]
diagrams for the implementation of project. Design is a meaningful engineering
representation of a thing that is to be built. Software design is a process through which
the requirements are translated into representation of the software. Design is the place
where quality is rendered in software engineering. Design is the means to accurately
translate customer requirements into finished product.
4.2 ACTIVITY DIAGRAM
An activity diagram illustrates the dynamic nature of a system by modeling the
flow of control from activity to activity. Because an activity diagram is a special kind of
statechart diagram, it uses some of the same modeling conventions. After the token
validation in tpa corresponding page will be displayed.
Login
Cloud service
provider
Third party
Auditing
Cloud
servers
4.3 USE CASE

Use case Diagram
TPA Login
Generate Token
TPA
Login
Upload
User
CSP Login
Cloud service provider
Back up
USECASE:
A use case diagram is a type of behavioral diagram created from a Use-case
analysis. User can store the remotely by using cloud server. User can get the token from
reputed Third party auditor. Token will be provide each storing of data in server.
4.4 DATAFLOW DIAGRAM

Data flow diagrams illustrate how data is processed by a system in terms of
inputs and outputs. A data flow diagram (DFD) is a graphical representation of the
"flow" of data through an information system, modelling its process aspects. Often they
are a preliminary step used to create an overview of the system which can later be
elaborated. DFDs can also be used for the visualization of data processing (structured
design). User store the data in cloud server through cloud service provider with the
help of TPA.
DFD 0:
User
Data
Third party Auditing
Cloud Server
DFD 1:
Server
Data indices
Dynamic data
manipulation
Pre computing token
User
4.5 SEQUENCE DIAGRAM

A sequence diagram in UML is a kind of interaction diagram that shows how
processes operate with one another and in what order. Sequence diagrams are
sometimes called Event-trace diagrams, event scenarios, and timing diagrams.User can
login to cloud service provider .If user getting authenticate then user can store the data
in cloud.
User
Precomputing
Token
cloud server
Csp
Token generation
Store date to cloud
store data when serve corrupt

Auditing
Data Retriving
Data Retriving
storage
distribution
4.6 COLLABORATION DIAGRAM

A collaboration diagram show the objects and relationships involved in an
interaction, and the sequence of messages exchanged among the objects during the
interaction A diagram is created for each system operation that relates to the current
development cycle(iteration).
2: Third party auditing

1: Token generation
Precomputin
g Token
User
8: Data Retriving
4: store data when serve corrupt

3: Store date to cloud
5: Auditing
7: Data Retriving
cloud
server
storage
distribution
6:
4.7 CLASS DIAGRAM
User
data
token
name
Token Generation
token
Token Generation()
Storing of data()
data retrivel()
Third party
Auding
user request
Validation()
Cloud service provider

data indices
data
clond name
Data storage
Data
token
store()
Retrivel()
Validation()
Token matching()
Distributed Storage()
Data indices()
CLASS DIAGRAM:
A class diagram in the UML, is a type of static structure diagram that describes
the structure of a system by showing the systems classes, their attributes, and the
relationships between the classes. User class diagram contain data which is user desire
to store in cloud. And token will got from TPA .TPA having user token which is will
provided to each user request.
4.8ARCHITECTURE DIAGRAM
The nodes involved are admin and clients which stands as UI for the system.The
deployment is performed as per the requirements of Hardware and software specified in
the requirements phase.
System Architecture:
Data
storage
Data
storage
Data storage
Cloud server
Client
In this figure represents In Architecture diagram, we represent a
flexible
distributed storage integrity auditing mechanism, utilizing the homomorphic token and
distributed erasure-coded data. The proposed design allows users to audit the cloud
storage with very lightweight communication and computation cost.
Object Diagram:
User: Cloud
Service Provider
Generate Token :
Third party Auditing
Store : Cloud
Server
Object diagrams are also closely linked to class diagrams. Instance of

Cloud service provider having some behavior attribute which is stored in cloud service
provider.
State Diagram
User
Pre computing
token
Third party
Auditing
cloud
server
STATE DIAGRAM:
UML activity diagrams could potentially model the internal logic of a complex
operation. In many ways UML activity diagrams are the object-oriented equivalent of
flow charts and data flow diagrams (DFDs) from structural development.
After getting token ,token should provide in CSP .token will be validated at every
time . The provided token is valid user can store the data in cloud.
COMPONENT DIAGRAM:
Login
cloud service
provider
Token
Validation
Cloud server
Third party
Auditing
A component diagram describes the organization of the physical

components in a system. Components are wired together by using an assembly
connector to connect the required interface of one component with the provided
interface of another component. This illustrates the service consumer - service
provider relationship between the two components. When using a component diagram
to show the internal structure of a component cloud service provider having the
component of login. Third party auditing having the token generation where values can
be validated.
ER diagram:
Entity Relationship Diagrams (ERDs) illustrate the logical structure of databases.

Here user ,TpA , cloud service provider and cloud server are consider as entity . The
relationship between entities showed in above figure.
DATABASE
DESIGN:
In this diagram three tables are involved to store data in cloud . User table
contain user name and password which stored by user. Login table contain user login
information.Third party auditing table contain user name and token.
4.11 CONCLUTION
Recently, the importance of ensuring the remote data integrity has been
highlighted by the following research works under different system and security
models. These techniques, while can be useful to ensure the storage correctness without
having users possessing local data, are all focusing on single server scenario. They may
be useful for quality-of-service testing but does not guarantee the data availability in
case of server failures.
CHAPTER 5
DEVELOPMENT TOOLS
5.1 GENERAL
This chapter is about the software language and the tools used in the development
of the project. The platform used here is JAVA. The Primary languages are JAVA,J2EE
and J2ME. In this project J2EE is chosen for implementation.
5.2 FEATURES OF JAVA
5.2.1 THE JAVA FRAMEWORK
Java is a programming language originally developed by James Gosling at Sun
Microsystemsand released in 1995 as a core component of Sun Microsystems' Java
platform. The language derives much of its syntax from C and C++ but has a simpler
object model and fewer low-level facilities. Java applications are typically compiled to
bytecode that can run on any Java Virtual Machine (JVM) regardless of computer
architecture. Java is general-purpose, concurrent, class-based, and object-oriented, and
is specifically designed to have as few implementation dependencies as possible. It is
intended to let application developers "write once, run anywhere".
Java is considered by many as one of the most influential programming
languages of the 20th century, and is widely used from application software to web
applicationsThe java framework is a new platform independent that simplifies
application development internet.Java technology's versatility, efficiency, platform
portability, and security make it the ideal technology for network computing. From
laptops to datacenters, game consoles to scientific supercomputers, cell phones to the

Internet, Java is everywhere!
5.2.2 OBJECTIVES OF JAVA
To see places of Java in Action in our daily life, explore java.com.
Why Software Developers Choose Java
Java has been tested, refined, extended, and proven by a dedicated community. And
numbering more than 6.5 million developers, it's the largest and most active on the
planet. With its versatilty, efficiency, and portability, Java has become invaluable to
developers by enabling them to:
Write software on one platform and run it on virtually any other platform
Create programs to run within a Web browser and Web services
Develop server-side applications for online forums, stores, polls, HTML forms
processing, and more
Combine applications or services using the Java language to create highly
customized applications or services
Write powerful and efficient applications for mobile phones, remote processors,
low-cost consumer products, and practically any other device with a digital
heartbeat
Some Ways Software Developers Learn Java
Today, many colleges and universities offer courses in programming for the Java
platform. In addition, developers can also enhance their Java programming skills by
reading Sun's java.sun.com Web site, subscribing to Java technology-focused

newsletters, using the Java Tutorial and the New to Java Programming Center, and
signing up for Web, virtual, or instructor-led courses.
Object Oriented
To be an Object Oriented language, any language must follow at least the four
characteristics.
1.Inheritance
:It is the process of creating the new classes and using the
behavior of the existing classes by extending them just to reuse the existing code
and adding addition a features as needed.
2.Encapsulation: It is the mechanism of combining the information and
providing the abstraction.
3.Polymorphism: As the name suggest one name multiple form, Polymorphism
is the way of providing the different functionality by thefunctions having the
same name based on the signatures of the methods.
4.Dynamic binding : Sometimes we don't have the knowledge of objects about
their specific types while writing our code. It is the way of providing the
maximum functionality to a program about the specific type at runtime.
5.2.3JavaServer Pages - An Overview
Java Server Pages or JSP for short is Sun's solution for developing dynamic web sites.
JSP provide excellent server side scripting support for creating database driven web
applications. JSP enable the developers to directly insert java code into jsp file, this
makes the development process very simple and its maintenance also becomes very
easy.
JSP pages are efficient, it loads into the web servers memory on receiving the
request very first time and the subsequent calls are served within a very short period of
time.
In today's environment most web sites servers dynamic pages based on user
request. Database is very convenient way to store the data of users and other things.
JDBC provide excellent database connectivity in heterogeneous database environment.
Using JSP and JDBC its very cceasy to develop database driven web application.
Java is known for its characteristic of "write once, run anywhere." JSP pages are
platfJavaServer Pages
JavaServer Pages (JSP) technology is the Java platform technology for delivering
dynamic content to web clients in a portable, secure and well-defined way. The
JavaServer Pages specification extends the Java Servlet API to provide web application
developers with a robust framework for creating dynamic web content on the server
using HTML, and XML templates, and Java code, which is secure, fast, and
independent of server platforms.
JSP has been built on top of the Servlet API and utilizes Servlet semantics. JSP
has become the preferred request handler and response mechanism. Although JSP
technology is going to be a powerful successor to basic Servlets, they have an
evolutionary relationship and can be used in a cooperative and complementary manner.
Servlets are powerful and sometimes they are a bit cumbersome when it comes to
generating complex HTML. Most servlets contain a little code that handles application
logic and a lot more code that handles output formatting. This can make it difficult to
separate and reuse portions of the code when a different output format is needed. For
these reasons, web application developers turn towards JSP as their preferred servlet
environment.
5.2.4 Evolution of Web Applications
Over the last few years, web server applications have evolved from static to dynamic
applications. This evolution became necessary due to some deficiencies in earlier web
site design. For example, to put more of business processes on the web, whether in
business-to-consumer (B2C) or business-to-business (B2B) markets, conventional web
site design technologies are not enough. The main issues, every developer faces when
developing web applications, are:
1. Scalability - a successful site will have more users and as the number of users is
increasing fastly, the web applications have to scale correspondingly.
2. Integration of data and business logic - the web is just another way to conduct
business, and so it should be able to use the same middle-tier and data-access code.
3. Manageability - web sites just keep getting bigger and we need some viable
mechanism to manage the ever-increasing content and its interaction with business
systems.
4. Personalization - adding a personal touch to the web page becomes an essential factor
to keep our customer coming back again. Knowing their preferences, allowing them to
configure the information they view, remembering their past transactions or frequent
search keywords are all important in providing feedback and interaction from what is
otherwise a fairly one-sided conversation.
Apart from these general needs for a business-oriented web site, the necessity for new
technologies to create robust, dynamic and compact server-side web applications has
been realized. The main characteristics of today's dynamic web server applications are
as follows:
1. Serve HTML and XML, and stream data to the web client
2. Separate presentation, logic and data
3. Interface to databases, other Java applications, CORBA, directory and mail services
4. Make use of application server middleware to provide transactional support.
5. Track client sessions .
5.2.5 Benefits of JSP
One of the main reasons why the JavaServer Pages technology has evolved into
what it is today and it is still evolving is the overwhelming technical need to simplify
application design by separating dynamic content from static template display data.
Another benefit of utilizing JSP is that it allows to more cleanly separate the roles of
web application/HTML designer from a software developer. The JSP technology is
blessed with a number of exciting benefits, which are chronicled as follows:
1. The JSP technology is platform independent, in its dynamic web pages, its web
servers, and its underlying server components. That is, JSP pages perform perfectly
without any hassle on any platform, run on any web server, and web-enabled
application server. The JSP pages can be accessed from any web server.
2. The JSP technology emphasizes the use of reusable components. These components
can be combined or manipulated towards developing more purposeful components and
page design. This definitely reduces development time apart from the At development
time, JSPs are very different from Servlets, however, they are precompiled into Servlets
at run time and executed by a JSP engine which is installed on a Web-enabled
application server such as BEA WebLogic and IBM WebSphere.
5.3Servlets
Earlier in client- server computing, each application had its own client program
and it worked as a user interface and need to be installed on each user's personal
computer. Most web applications use HTML/XHTML that are mostly supported by all
the browsers and web pages are displayed to the client as static documents.
A web page can merely displays static content and it also lets the user navigate
through the content, but a web application provides a more interactive experience.
Any computer running Servlets or JSP needs to have a container. A container is
nothing but a piece of software responsible for loading, executing and unloading the
Servlets and JSP. While servlets can be used to extend the functionality of any Javaenabled server.
They are mostly used to extend web servers, and are efficient replacement for
CGI scripts. CGI was one of the earliest and most prominent server side dynamic
content solutions, so before going forward it is very important to know the difference
between CGI and the Servlets.
5.4Java Servlets
Java Servlet is a generic server extension that means a java class can be loaded
dynamically to expand the functionality of a server. Servlets are used with web servers
and run inside a Java Virtual Machine (JVM) on the server so these are safe and
portable.
Unlike applets they do not require support for java in the web browser. Unlike
CGI, servlets don't use multiple processes to handle separate request. Servets can be
handled by separate threads within the same process. Servlets are also portable and
platform independent.
A web server is the combination of computer and the program installed on it.
Web server interacts with the client through a web browser. It delivers the web pages to
the client and to an application by using the web browser and he HTTP protocols
respectively.
The define the web server as the package of large number of programs installed
on a computer connected to Internet or intranet for downloading the requested files
using File Transfer Protocol, serving e-mail and building and publishing web pages. A
web server works on a client server model.
5.5 Conclusion
JSP and Servlets are gaining rapid acceptance as means to provide dynamic
content on the Internet. With full access to the Java platform, running from the server in
a secure manner, the application possibilities are almost limitless. When JSPs are used
with Enterprise JavaBeans technology, e-commerce and database resources can be
further enhanced to meet an enterprise's needs for web applications providing secure
transactions in an open platform. J2EE technology as a whole makes it easy to develop,
deploy and use web server applications instead of mingling with other technologies
such as CGI and ASP. There are many tools for facilitating quick web software
development and to easily convert existing server-side technologies to JSP and Servlets.
CHAPTER 6
IMPLEMENTATION
6.1
GENERAL
Implementation of effective and flexible distributed storage verification scheme
with explicit dynamic data support to ensure the correctness and availability of
users data in the cloud.
6.2 Coding :
<!DOCTYPE
html
PUBLIC
"-//W3C//DTD
XHTML
1.0
Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>TemplateWorld - Dusky</title>
<link href="styles.css" rel="stylesheet" type="text/css" />
<link rel="icon" href="images/icon.ico" />
</head>
<body>
<script language="javascript">
function validation()
{
var c=document.getElementById("valid");
if(c.value=="0")
{
alert("Enter the correct username and password");
c.focus();
return false;
}

if(c.value=="1")
{
alert("Welcome");
c.focus();
return false;
}
}
</script>
<div id="headWrap">
<div id="headpanel">
<div id="menu">
<p> </p>
<p> </p>
<p> </p>
<ul>
<li><a href="#">Home</a></li>
<li><div class="gap"></div></li>
<li><a href="AdminLogin.jsp">Admin Login</a></li>
<li><a href="#">Newsletter</a></li>
<li><a href="#">Duty</a></li>
<li><a href="#">Output</a></li>
<li><a href="#">Solution</a></li>
<li><a href="#">Testimonial</a></li>
<li><a href="#">Contact Us</a></li>
</ul>
</div>
</div>
</div>
<div id="contentWrap">
<div id="contentPanel">
<div id="leftPanel">
<div id="loginPanel">
<h2>User Login</h2>
<h3>Enter your username and password </h3>
<form action="loginAction">
<input
name="username"
type="text"
value="Name"
id="uid"
onfocus="if(this.value=='Name')this.value=''"
onblur="if(this.value=='')this.value='Name'"/>
<div class="blank"></div>
<input name="password" type="password" value="Password" id="pid"
onfocus="if(this.value=='Password')this.value=''"
onblur="if(this.value=='')this.value='Password'"/>
<%
Integer val=(Integer)session.getAttribute("value");
//System.out.println("value="+val);
%>
<p>Not yet a Member? <a href="Rigistration.jsp">Register Now</a></p>
<input type="hidden"value="<%=val%>"name="value" id="valid" />
<input type= "submit" name="loginButton" value="Login" class="login"
onclick="return validation()"/>
</form>
</div>
<div id="projectsPanel">
<h2>Projects</h2>
<h3>Sed ut nisi faucibus lectus semper sagi Pellentesque ullamcorper. </h3>
<div class="pic1"></div>
<a href="#">Next</a>
</div>
</div>
<div id="middlePanel">
<div class="top">
<h2>Secured Cloud Computing</h2>
<h3>Cloud computing provides computation, software, data access, and storage
services that do not require end-user knowledge of the physical location and
configuration of the system that delivers the services. Parallels to this concept can be
drawn with the electricity grid, wherein end-users consume power without needing to
understand the component devices or infrastructure required to provide the service..
</h3>
<p><span>Cloud Computing, it almost rolls off the tongue doesnt it?
If you believe the hype, cloud computing is cheaper, safer and easier than any other
form of application hosting, it exists in the magical land of cloud where
nothing ever goes wrong, in fact, to say its reliable is almost an understatement.
.</span></p>
<p>The term Cloud Computing first came about in 1960 and was used to express the
notion that computing resources could someday be grouped together as a public utility.
Today however, the term is used to describe a somewhat limited range of services, all of
which adhere to some form of commonalities.</p>
<a href="#">Read More</a>
</div>
<div class="bottom">
<h2>Our main purpose</h2>
<h3>Towards Secure and Dependable Storage<br />
Services in Cloud Computing</h3>
<ul>
<li><a href="#">Supports secure
and efficient dynamic operations </a></li>
<li><a href="#">Resilient against Byzantine failure</a></li>
<li><a href="#">Effective and flexible
distributed storage verification
</a></li>
<li><a href="#" class="bottom">Dynamic
data support:
</a></li>
</ul>
</div>
</div>
<div id="rigtPanel">
<div class="services">
<h2>New service overview</h2>
<ul>
<li>
<div class="cal">15<span>June</span></div>
<h2>Suspendisse tortor leo!!!</h2>
<p>Nullam dapibus laoreet magna.uspendisse tortor leo.</p>
<a href="#">Quisque vel metus non ante vehicula consectetuer. </a>
<div class="author"><span>BY</span> jone jackson</div>
</li>
<li>
<h2>Wqeruspendisse tortor de!!!</h2>
</li>
</ul>
</div>
<div class="contacts">
<h2>Quick Contact</h2>
<input name="name" type="text" value="Your Name" onfocus="if(this.value=='Your
Name')this.value=''" onblur="if(this.value=='')this.value='Your Name'"/>
<input name="email" type="text" value="Your E-mail Address"
onfocus="if(this.value=='Your
E-mail
Address')this.value=''"
onblur="if(this.value=='')this.value='Your E-mail Address'"/>
<textarea name="txt_msg" rows="" cols="" onfocus="if(this.value=='Put your
message here')this.value=''" onblur="if(this.value=='')this.value='Put your message
here'">Put your message here</textarea>
<a href="#">Submit</a>
</div>
</div>
</div>
</div>
<div id="footWrap">
<div id="footPanel">
<div id="footNav">
<ul>
<li><div class="blank">|</div></li>
<li><a href="AdminLogin.jsp">Admin login</a></li>

</ul>
</div>
<p> Copyright Information Goes Here. All Rights Reserved.</p>
<p>Designed by <a href="http://www.templateworld.com/">TemplateWorld</a> and
brought
to
you
by
<a
href="http://www.smashingmagazine.com/">SmashingMagazine</a></p>
<div id="validation">
<ul>
<li><a href="http://validator.w3.org/check?uri=referer">xhtml</a></li>
<li><div class="blank"></div></li>
<li><a href="http://jigsaw.w3.org/css-validator/check/referer">css</a></li>
</ul>
</div>
</div>
</div>
</body>
</html>
<%@page import="java.io.FileInputStream"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<head>

</head>
<body>
<%
String username=(String)session.getAttribute("userNameSession");
//System.out.println(username);
%>
<div id="headWrap">
<div id="headpanel">
<div id="menu">
<p> </p>
<p> </p>
<p> </p>
<ul>
<li><a href="browse.jsp">Home</a></li>
<li><a href="#">About Us</a></li>
<li><a href="index.jsp">Signout</a></li>
</ul>
</div>
</div>
</div>
<div id="contentWrap">
<div id="contentPanel">
<div id="leftPanel">
<div id="projectsPanel">
<h2>Projects</h2>
<h3>Sed ut nisi faucibus lectus semper sagi Pellentesque ullamcorper. </h3>
<a href="#">Next</a>
</div>
</div>
<div id="middlePanel">
<div class="top">
<h2>welcome!!!!</h2>
<p>Third party Auditor::</p>
<br />
<br />
<br />
<br />
<br />
<br />


<%
byte b[]=new byte[50];
FileInputStream fis=new FileInputStream("E://TPApath.txt");
fis.read(b);
String ip=new String(b);
System.out.println("Path in
jsp:................................................................................."+ip.trim());
%>
<!-<form
action="http://localhost:8084/ThirdPartyAuditing2/GenetateTokenServlet">-->
<form
action="http://<%=ip
%>:8084/ThirdPartyAuditing2/GenetateTokenServlet">
Welcome.. <%=username%>
<input type="hidden" name="hiddenUserName" value="<%= username %>"/>
<input type="submit" value="Generate Token" name="tokenButtonName"/>
<p>Already you hava Token <input type="button" value="CSP"
name="toCspButton" onclick="document.location.href='cspListOfFiles.jsp'" /></p>
</form>
<p> </p>
<p> </p>
<h3></h3>
</div>
<h3>Vestibulum ante ipsum primis in faucibus orci luctus etucibus ultrices posuere
cubilia Curae.</h3>
<ul>
<li><a href="#">Maecenas pellentesque ipsum in pedec urabitur</a></li>
<li><a href="#">Pellentesque habitant morbi tristique senectus</a></li>
<li><a href="#">Nulla bibendum eros sed ultrices sollicitudin</a></li>
<li><a href="#" class="bottom">Sed adipiscing orci metus vestibulum nibh</a></li>
</ul>
</div>
</div>
<ul>
<li>
</li>
<li>
</li>
</ul>
</div>
E-mail
</div>
</div>
</div>
</div>
<div id="footWrap">
<div id="footNav">
<ul>
</ul>
</div>
brought
to
you
by
<a
<ul>
</ul>
</div>
</div>
</div>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<head>

</head>
<script type="text/javascript">
function validation()
{
var ClientName= document.getElementById("clientid");
var userName= document.getElementById("usernameid");
var passWord= document.getElementById("passwordid");
var RePass=document.getElementById("REpasswordid");
var email= document.getElementById("emailid").value;
var gender= document.getElementById("genderid");
var dob= document.getElementById("dobid");
var country= document.getElementById("countryid");
var state= document.getElementById("stateid");
var city= document.getElementById("cityid");
var phno= document.getElementById("phoneid");
if(ClientName.value=="")
{
alert("Enter name");
ClientName.focus();
return false;
}
if(userName.value=="")
{
alert("Enter user name");
userName.focus();
return false;
}
if(passWord.value=="")
{
alert("Enter Password");
<b>Phone no :</b>
</td>
<td>
<input type="text" name="phone" id="phoneid"/>
</td>
</tr>
<tr align="center">
<td>
<input type="submit" value ="OK" name="okButton"
onClick="return validation()"/>
<input type="button" value ="Reset" name="resetButton"/>
</td>
</tr>
<tr>
<td>
</td>
</tr>
</table>
</form>
<h3>Sed ut nisi faucibus lectus semper sagittis. Pellentesque ullamcorper quam
fringilla lacus. </h3>
<p><span>Sed ut nisi faucibus lectus semper sagittis.</span> Pellentesque
ullamcorper quam fringilla lacus. <span>Fusce nisl ipsum</span> malesuada sed,
varius ac, sagittis et, ipsum. Nullam posuere porttitor orci. Quisque semper.</p>
<p>Curabitur urna elit, <span>egestas condimentumsemper</span> etrhoncus matti
quam. Nulla suscipit erat ac odio. tumsemper etrhoncus wuam.</p>
</div>
<h3>Vestibulum ante ipsum primis in faucibus orci luctus etucibus ultrices posuere
cubilia Curae.</h3>
<ul>
<li><a href="#">Maecenas pellentesque ipsum in pedec urabitur</a></li>
<li><a href="#">Pellentesque habitant morbi tristique senectus</a></li>

<li><a href="#">Nulla bibendum eros sed ultrices sollicitudin</a></li>
<li><a href="#" class="bottom">Sed adipiscing orci metus vestibulum nibh</a></li>
</ul>
</div>
</div>
<ul>
<li>
</li>
<li>
</li>
</ul>
</div>
E-mail
</div>
</div>
</div>
</div>
<div id="footWrap">
<div id="footNav">
<ul>
</ul>
</div>
brought
to
you
by
<a
<ul>
</ul>
</div>
</div>
</div>
</body>
</html>
package datapack;
import java.sql.*;
import java.sql.SQLException;
public class DBClass
{
public static final DBClass DBInstance = new DBClass();
Connection con;
private DBClass()
{
}
public static DBClass Db()
{
return DBInstance;
}
public Connection createConnection()throws Exception
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("jdbc:odbc:dsnLogin");
return con;
}
}
package javapack;
import java.sql.Statement;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import datapack.DBClass;
public class Login
{
PreparedStatement preparedstatement;
Statement statement;
ResultSet resultset;
DBClass db;
public Login()
{
db=DBClass.Db();
}
public void update(String name,String uname,String pword,String email,String
gender,String dob,String country,String state,String city,String phno)throws Exception
{
//md5 obj=new md5();
//String token=obj.tokenGenerationMethod(uname);
preparedstatement=db.createConnection().prepareStatement("insert
login values(?,?,?,?,?,?,?,?,?,?)");
preparedstatement.setString(1,name.trim());
preparedstatement.setString(2,uname.trim());
preparedstatement.setString(3,pword.trim());
preparedstatement.setString(4,email.trim());
preparedstatement.setString(5,gender.trim());
preparedstatement.setString(6,dob.trim());
preparedstatement.setString(7,country.trim());
preparedstatement.setString(8,state.trim());
preparedstatement.setString(9,city.trim());
preparedstatement.setString(10,phno.trim());
//preparedstatement.setString(11,token.trim());
//
preparedstatement.executeUpdate();
preparedstatement.close();
into
}}}
CHAPTER 7
SNAPSHOTS
7.1 GENERAL
Snapshot is nothing but every moment of the application while running. It gives
the clear elaborated of application. It will be useful for the new user to understand for
the future steps.
7.2VARIOUS SNAPSHOTS
7.2.1 MAIN PAGE
Purpose:
User Login:
User Login:
This user login page . Here user have to login. This is the cloud service
provider where we can upload the data. Csp will provide the space for our
data. Before that user have get appropreriate token.
Registration:
User have to register his/her details which store in cloud service provider.
Admin
Login
This is admin login. Here admin can validate. Admin have the full writes to
monitor our works. The work of the admin would be a provide back up
protection suppose cloud server undergoes attacks that time admin take a
action.
Home:
This is Home page of cloud service provider. Here user can upload the data.
More over User can get the token for the data storage .The token will be
provided by Third party audinting who run on another cloud.
Admin
home:
This is admin home page . Here admin can able to chage the password .
Csp maintain separate database for csp. Where password can be changed by
the clouds.
TPA:
This is third party recommendation which is recommended by cloud service

provider. By providing this token user can store their data with out relying
the cloud server. Because in existing system csp can edit the user data .
TPA login:
TPA also having the validation phase where TPA have to validate. Tpa also
have the admin to view the user acitivity . Admin can view the user token .
Change Password:
This image reveals the TPA admin can change the password. This can be
done separate the database which is maintain in tpa database.
UserToken:
This image reaveals that tpa view the user token .By getting the token TPA
cant able to view the user data. TPA can able to view the user Token.
User
User have to login the CSP. After successful
home:
login This page will be
displayed. Here user can view or edit the data. After getting the token from
TPA this page will be displayed . Suppose the user having the token means
they can directly come to the page.
File
view:
After login user can upload their data in the cloud. User can view what are
the files sho stored in the clud server. By doing this thigs there is no token
validation takes place .
Upload file:
User have to provide proper token which is given by Third party auditing.
Each and every file upload the token will be validated .This validation will
be takes place in third party auding data base. This is run on different cloud.
Store
file:
This page displays getting the user approval to store the data in cloud server.
Browse File:
User can browse the file to upload the data. User can upload any number of
file depending upon the usage . By upload button dialog will be displayed
where user can select the appropreate file .
File
upload
success
This is page shows the file upload successfully by user. After file will stored
in cloud server this page will be displayed.
Edit:
User should provide proper token for editing the data. In case user wants the
edit the stored content by clicking the appropreiate button . By doing so this
page will displayed. That page user have to provide the token .The token will
be validated in TPA.
Select
File:
User have to select the file to edit. These are the list of files user already
stored in the cloud . By providing proper token . that token will be validated.
After valid user can able to edit the data.
Edit:
After selected file , which is displayed in the window. User can edit the data.
This data will store in cloude after clicking the update button. The file be
saved in clude where old file stored.
Update success:
After edit the data , data will be stored in cloud server .After done this
process this
page will be displayed.
This is the cloud server where file will be stored . This cloud server run on one cloud.
CHAPTER 8
SOFTWARE TESTING
8.1 GENERAL
The purpose of testing is to discover errors. Testing is the process of trying to
discover every conceivable fault or weakness in a work product. It provides a way to
check the functionality of components, sub assemblies, assemblies and/or a finished
product It is the process of exercising software with the intent of ensuring that the
Software system meets its requirements and user expectations and does not fail in an
unacceptable manner. There are various types of test. Each test type addresses a specific
testing requirement.
8.2 DEVELOPING METHODOLOGIES
The test process is initiated by developing a comprehensive plan to test the
general functionality and special features on a variety of platform combinations. Strict
quality control procedures are used.
The process verifies that the application meets the requirements specified in the
system requirements document and is bug free. The following are the considerations
used to develop the framework from developing the testing methodologies.
8.3Types of Tests
8.3.1 Unit testing
Unit testing involves the design of test cases that validate that the internal
program logic is functioning properly, and that program input produce valid outputs. All
decision branches and internal code flow should be validated. It is the testing of
individual software units of the application .it is done after the completion of an
individual unit before integration. This is a structural testing, that relies on knowledge
of its construction and is invasive. Unit tests perform basic tests at component level and
test a specific business process, application, and/or system configuration. Unit tests
ensure that each unique path of a business process performs accurately to the
documented specifications and contains clearly defined inputs and expected results.
8.3.2 Functional test
Functional tests provide systematic demonstrations that functions tested are
available as specified by the business and technical requirements, system
documentation, and user manuals.
Functional testing is centered on the following items:
Valid Input
: identified classes of valid input must be accepted.
Invalid Input
: identified classes of invalid input must be rejected.
Functions
: identified functions must be exercised.
Output
: identified classes of application outputs must be exercised.
Systems/Procedures : interfacing systems or procedures must be invoked.
8.3.3 System Test

System testing ensures that the entire integrated software system meets
requirements. It tests a configuration to ensure known and predictable results. An
example of system testing is the configuration oriented system integration test. System
testing is based on process descriptions and flows, emphasizing pre-driven process links
and integration points.
8.3.4 Performance Test
The Performance test ensures that the output be produced within the time
limits,and the time taken by the system for compiling, giving response to the users and
request being send to the system for to retrieve the results.
8.3.5 Integration Testing
Software integration testing is the incremental integration testing of two or more
integrated software components on a single platform to produce failures caused by
interface defects.
The task of the integration test is to check that components or software
applications, e.g. components in a software system or one step up software
applications at the company level interact without error.
8.3.6 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant
participation by the end user. It also ensures that the system meets the functional
requirements.
Acceptance testing for Data Synchronization:
The Acknowledgements will be received by the Sender Node after the Packets
are received by the Destination Node
The Route add operation is done only when there is a Route request in need
The Status of Nodes information is done automatically in the Cache Updation
process
8.2.7 Build the test plan
Any project can be divided into units that can be further performed for detailed
processing. Then a testing strategy for each of this unit is carried out. Unit testing helps
to identity the possible bugs in the individual component, so the component that has
bugs can be identified and can be rectified from errors.
CHAPTER 9
APPLICATION
9.1 GENERAL
Recently, the importance of ensuring the remote data integrity has been
highlighted by the following research works under different system and security models
. These techniques, while can be useful to ensure the storage correctness without having
users possessing local data, are all focusing on single server scenario. They may be
useful for quality-of-service testing but does not guarantee the data availability in case
of server failures. Although direct applying these techniques to distributed storage
(multiple servers) could be straightforward, the resulted storage verification overhead
would be linear to the number of servers. As an complementary approach, researchers
have also proposed distributed protocols for ensuring storage correctness across
multiple servers or peers. However, while providing efficient cross server storage
verification and data availability insurance, these schemes are all focusing on static or
archival data. As a result, their capabilities of handling dynamic data remains unclear,
which inevitably limits their full applicability in cloud storage scenarios.
9.2 APPLICATION
o Storing the data in cloud is very feasible so it can be stored in anywhere at
any time.
o There is no burden local systems.
o Storage is secure.
9.3 FUTIRE ENHANCEMENTS

In Future there is no need of third party validation . Instead of TPA cloud service
provider will provide security for our data. This is employed to reduce the
computational cost.
REFERENCE OR BIBLIOGRAPHY
Title:
Dynamic Provable Data Possession
Author:
C. Chris Erway Alptekin Kupc u Charalampos Papamanthou

Roberto Tamassia
Title:
Author:
HAIL: A High-Availability and Integrity Layer for Cloud Storage

Kevin D. Bowers
Title :
Incremental Cryptography: The Case of Hashing and Signing
Author:
M. Bellare_ O. Goldreichy S. Goldwasserz
Title:
A Practical Byzantine Fault Tolerance and Proactive Recovery
Author:
M. Castro and B. Liskov
Title:
Privacy-preserving public auditing for storage security in cloud

computing
Author:
C. Wang, Q. Wang, K. Ren, and W. Lou
Title:
Scalable and Efcient Provable Data Possession
Author:
Giuseppe Ateniese 1 , Roberto Di Pietro 2 , Luigi V.

Mancini 3 , and Gene Tsudik
Title :
Privacy-Preserving Audit and Extraction of Digital Contents
Author :
Mehul A. Shah Ram Swaminathan Mary Baker
Title:
Store, Forget, and Check: Using Algebraic Signatures to Check
Remotely Administered Storage

Author:Thomas Schwarz, S.J.Ethan L. Miller
Title:
A Cooperative Internet Backup Scheme

Author:Andrew Birrell Mike Burrows Michael Isard
Title:
Auditing to Keep Online Storage Services Honest
Author:
Mehul A. Shah, Mary Baker, Jeffrey C. Mogul, Ram

Swaminathan

Towards Secure and Dependaple Storage Services in Cloud Computing

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Towards Secure and Dependaple Storage Services in Cloud Computing

Uploaded by

Copyright:

Available Formats

Towards Secure and Dependable Storage Services in

1.4.1 PROPOSED SYSTEM ADVANTAGES

CHAPTER 4 : SYSTEM DESIGN

4.2 DATABASE DESIGN

7.2 VARIOUS SNAPSHOTS

8.3 TYPES OF TESTING

9.3 FUTURE ENHANCEMENTS

NAME OF THE FIGURE

Use case Diagram

Data flow diagram

represents the way the

Used for additional

another use case but

between various use

State of the processs.

Initial state of the

control flow between

modules which are a

been triggered due to

some event or acion.

cloud service providers

Third Party Auditor

Local Area Network

Internet Service Provider

1.3 Existing SYSTEM

1.3.1 LITERATURE SURVEY

Dynamic Provable Data Possession

As storage-outsourcing services and resource-sharing networks have become

enitional framework and efcient constructions for

Title: HAIL: A High-Availability and Integrity Layer for Cloud

Incremental Cryptography: The Case of Hashing and Signing

We initiate the investigation of a new kind of eciency for cryptographic

A Practical Byzantine Fault Tolerance and Proactive Recovery

M. Castro and B. Liskov

malicious attacks are a major cause of service

Privacy-preserving public auditing for storage security in

C. Wang, Q. Wang, K. Ren, and W. Lou

Scalable and Efcient Provable Data Possession

Giuseppe Ateniese 1 , Roberto Di Pietro 2 , Luigi V. Mancini 3 ,

Storage outsourcing is a rising trend which prompts a number of interesting security

1.3.1.7.Title : Privacy-Preserving Audit and Extraction of Digital Contents

Mehul A. Shah Ram Swaminathan Mary Baker

A growing number of online services, such as Google, Yahoo!, and Amazon,

Store, Forget, and Check: Using Algebraic Signatures to Check

Thomas Schwarz, S.J.Ethan L. Miller

A Cooperative Internet Backup Scheme

Andrew Birrell Mike Burrows Michael Isard

We present a novel peer-to-peer backup technique that allows computers

Auditing to Keep Online Storage Services Honest

A growing number of online service providers offer to store customers' photos,

1.4 PROPOSED SYSTEM

Third party auditing

User Interface Design

Flexible distributed storage service

Dynamic data manipulation

1.3.1 MODULE DIAGRAM:

Third party auditing

Dynamic data manipulation:

3.2 HARDWARE REQUIREMENTS

contract for the

implementation of the system and should therefore be a complete and consistent

PENTIUM IV 2.6 GHz,Intel Core 2 Duo.

STANDARD 102 KEYS